I feel like this bug has been fixed numerous time, yet it keeps popping up. :-( I found this in the step log on an instance of QB:
06:15:27,320 DEBUG - Executing command: git clone --no-checkout
https://jszakmeister:******@github.com/neovim/neovim.git /home/quickbuild/buildagent/workspace/root/neovim/pull-requests-automated
06:15:27,320 DEBUG - Command working directory: /home/quickbuild/buildagent/workspace/root/neovim/pull-requests-automated
06:15:27,324 DEBUG - Cloning into '/home/quickbuild/buildagent/workspace/root/neovim/pull-requests-automated'...
06:15:49,814 DEBUG - Executing command: git fetch --all
06:15:49,814 DEBUG - Command working directory: /home/quickbuild/buildagent/workspace/root/neovim/pull-requests-automated
06:15:49,816 DEBUG - Fetching origin
06:15:50,173 DEBUG - Executing command: git fetch origin refs/pull/2943/head
06:15:50,173 DEBUG - Command working directory: /home/quickbuild/buildagent/workspace/root/neovim/pull-requests-automated
06:17:57,739 ERROR - error: The requested URL returned error: 403 while accessing
https://jszakmeister:
6e0a047da7e1553ad811b727ed6beb6a1eef04c6@github.com/neovim/neovim.git/info/refs
06:17:57,739 ERROR - fatal: HTTP request failed
06:17:57,741 DEBUG - Saving scm rc file ...
06:17:57,745 DEBUG - Saving scm rc file ...
06:17:57,812 INFO - Executing post-execute action...
06:17:57,812 ERROR - Step 'master>buildall>build-node?testNode=linux-64>checkout' is failed: Failed to run command: git fetch origin refs/pull/2943/head
Command return code: 128
Command error output: error: The requested URL returned error: 403 while accessing
https://jszakmeister:******@github.com/neovim/neovim.git/info/refs
fatal: HTTP request failed
Note: I changed the token. Perhaps there's a better way to catch this stuff with some sort of filter to prevent passwords from being exposed?
PS: it is somewhat difficult to implement a filter at low log level to mask out all passwords, as the log facility does not know which part of the text is a password. However if secret variables are used, we can track it at log level. For other situations, we have to deal case by case at command execution level.